Position: Senior Cisco Network Engineer
Location: On site - Santa Clara
Contract: 6 months - possible contract extension
We are seeking a highly skilled Senior Cisco Network Engineer with deep expertise in Network Access Control (NAC) and Cisco Identity Services Engine (ISE). This role will be responsible for designing, implementing, optimizing, and supporting secure enterprise network infrastructures with a strong emphasis on identity-based access, segmentation, and compliance.
The ideal candidate is a hands-on technical leader with extensive experience in Cisco enterprise environments, zero-trust architecture principles, and complex multi-site deployments.
Key Responsibilities
· Design, implement, and support enterprise-wide Cisco ISE/NAC solutions
· Lead architecture and deployment of secure wired and wireless access controls
· Integrate ISE with:
o Active Directory / LDAP
o PKI and certificate services
o MDM / endpoint compliance platforms
o SIEM / security monitoring tools
· Implement and manage:
o 802.1X authentication (EAP-TLS, PEAP)
o Guest access portals
o BYOD workflows
o Posture assessment and remediation
· Deploy and manage Cisco TrustSec and segmentation policies
· Provide advanced troubleshooting for complex authentication and authorization issues
· Perform upgrades, patching, and lifecycle management of Cisco infrastructure
· Collaborate with security teams to align network access with zero-trust strategy
· Create technical documentation, diagrams, and operational runbooks
· Provide mentorship to junior network engineers
· Participate in on-call escalation support as needed
Required Qualifications
· 7+ years of enterprise network engineering experience
· 3+ years of hands-on experience with Cisco ISE/NAC implementations
· Strong expertise in:
o Cisco Catalyst switches
o Cisco wireless LAN controllers
o 802.1X authentication protocols
o RADIUS / TACACS+
o VLAN segmentation and policy-based access control
· Experience with:
o Cisco DNA Center
o Cisco TrustSec
o Multi-site ISE deployments
o High availability and distributed node architecture
· Deep understanding of:
o TCP/IP, routing (BGP, OSPF, EIGRP)
o Switching technologies
o Firewall integration
· Strong troubleshooting and packet analysis skills (Wireshark preferred)
Preferred Certifications
· CCNP Enterprise (required or equivalent experience)
· CCIE (preferred)
· Cisco Certified Specialist – Security Identity Management
· CISSP (a plus)
Preferred Experience
· Experience in large enterprise or global environments
· Zero-trust architecture implementation
· Cloud integration (Azure/AWS identity integration)
· Experience with Cisco Secure Access or SASE solutions
· Automation/scripting (Python, Ansible, REST APIs)
Soft Skills
· Strong communication and documentation skills
· Ability to work cross-functionally with security and infrastructure teams
· Leadership and mentoring capability
· Strong analytical and problem-solving mindset
· Ability to manage multiple prioriti